WCF SSL Service with PHP

We had a task recently that required our team – me with my colleague Ahmad to write php code to integrate with existing WCF webservice that includes attaching SSL certificates to requests. The application used to integrate with third-party banking system using a form of B2B web service.
In the following post, the main steps we used to write PHP code compatible with WCF:

Existing .net application

The original code was written in C# using WCF webservice over SOAP, it was attaching SSL certificate in PFX format -that includes all certificate chain -, and a separate private key file (as .key format).

PFX format (PKCS#12) is binary format which is usually used in windows to export/import SSL certificates; it stores certificate, intermediate certificates – if there is any – and private key in one file that can be encrypted and signed.

In original C# code, they defined a class that inherits SoapHttpClientProtocol which was used to add SSL certificates to soap request.

Generating SSL files

The existing code was attaching ssl certificate in .pfx format file, so I converted it to .pem format (which is the standard format for openssl) and extracted the key as separate file using openssl commands as following:

Extending SoapClient Class

Normally SSL certificate can be used in php SOAP request by setting `local_cert` parameter in SoapClient Constructor. however I found this option somehow limited, because there is no ability for a private key to be attached as separate file in the request.
so what we did is to extend soap client and override __doRequest method to be based on curl to send soap request as HTTP message as following:

In case curl error “Peer certificate cannot be authenticated with known CA certificates” appeared – which is usually happens in windows- you shall download CA certificate bundle from Mozilla – or other trusted source -, and save it to your system and set CURLOPT_CAINFO option in curl:

About me

My name is Zeid Rashwani, Syrian LAMP developer, lives in Jordan/Amman and works in Wewebit. Web development is my main activity, in my free time I tend to watch anime and movies..
This blog contains technical topics related to web development, along with other matters.